Truebit Incident Analysis

On 08 January 2026 Truebit was exploited via an integer overflow in its purchase-price calculation (Solidity versions <0.8.0), enabling an attacker to mint large amounts of TRU for zero ETH and swap them for ~8,535 ETH (reported loss ~$26.6M) with an additional follow-up extraction. The report provides transaction steps, analysis of the overflow arithmetic (2^256 wrap), involved contract and wallet addresses, and fund flow details including transfers to a mixer.